Blog Posts Tagged with "Innovation"


Preventative -v- Detective Security

December 02, 2012 Added by:Simon Moffatt

Security has several issues from a proactive implementation perspective. Like anything, a detailed return on investment, including both tangible and non-tangible benefits, is required...

Comments  (0)


Compliance and Company Values from the Ground Up

September 17, 2012 Added by:Thomas Fox

For the compliance practitioner sometimes the biggest challenge is not only to get senior management but the troops in the trenches to embrace compliance. Cathy Choi's story is a powerful lesson of one way to get those troops to buy into what the compliance department is selling...

Comments  (0)


How the Cloud Disrupted the Corporate Ecosystem

August 29, 2012 Added by:Barrie Hadfield

As the cloud wields increasing influence on corporate environments, the traditional ecosystem becomes more antiquated. There’s some paradox in how the cloud is enabling productivity and collaboration while simultaneously eroding security protocols designed to protect intellectual property and corporate assets...

Comments  (0)


Crisis Malware Threatens Virtualized Environments

August 24, 2012 Added by:Pierluigi Paganini

Crisis Malware is an agent used to spy on victims by intercepting communications, and it is able to open a backdoor on the infected host once the user executes a JAR file made to look like an Adobe Flash Installer. The malware has been developed for several OSs, and a Mac version has been isolated...

Comments  (0)


Black Hat and BSides Las Vegas: The Enemy Within

July 30, 2012 Added by:alan shimel

There was a time that Black Hat was where the edge met the establishment, but Black Hat has gone totally corporate and seems to have lost the edge. All of the edge seems to have gone to BSides. I love both Black Hat and BSides and think each needs a little bit of what the other has to be whole, viable and successful...

Comments  (0)


On Infosec Thought Followers

July 20, 2012 Added by:Dave Shackleford

The CISO who backs her team politically and fights for key projects, the analyst who writes a sweet Python script to automate some rote pen testing task, the incident handler or forensicator who digs for hours to find the root cause of an event, and so on. That’s leadership, and it happens all the time...

Comments  (2)


Security Vendors: Absit Reverentia Vero

July 09, 2012 Added by:

Vendors are driven to sell and sell at all costs. Product features stagnate, services under perform. We the customers suffer and the security postures of all organizations plummets. Adversaries can spend less on penetration innovation while at the same time more easily bypass our defenses...

Comments  (0)


Internet Users Again Shut Out of Secret TPP Negotiations

July 05, 2012 Added by:Electronic Frontier Foundation

We don’t know what’s in the current version of the TPP’s IP chapter - the public has only seen a leaked version. Given what we've seen in this leak, we have every right to be furious that representatives are negotiating an agreement that will harm online expression, privacy, and innovation on the Internet...

Comments  (0)


Hacking Strikes Fear in the Heart of Texas Bureau of Prisons

June 24, 2012 Added by:Electronic Frontier Foundation

Whether you call them hackers, makers, tinkerers, or information security researchers, people on the hacking spectrum have been a boon to society for decades. They power innovation in all sectors and operate as a valuable check on the security and stability of the technology that forms the basis for our society...

Comments  (0)


NIST Conducts Big Data Workshop

June 14, 2012 Added by:Infosec Island Admin

In this first NIST 'Big Data' workshop, key national priority topics will be explored, including examples from science, health, disaster management, security, and finance. At the same time, topics in emerging technology areas including analytics and architectures will also be discussed...

Comments  (0)


Apple's Crystal Prison and the Future of Open Platforms

June 06, 2012 Added by:Electronic Frontier Foundation

Apps that require administrative privileges are impossible to install on an iOS device without jailbreaking it. This includes apps that let you firewall your device and secure your internet traffic with OpenVPN. Jailbreaking also helps security and privacy researchers to see if apps are leaking data...

Comments  (3)


Infosec Subjectivity: No Black and White

June 04, 2012 Added by:Dave Shackleford

Overall, here’s the rub: There are almost no security absolutes. Aside from some obvious things like bad coding techniques, the use of WEP, hiring Ligatt Security to protect you, etc... Everything else is in information security the gray area...

Comments  (1)


Resilience is the New Secure: Evolution of Business-Relevant Thinking

May 30, 2012 Added by:Rafal Los

Resiliency speaks to core business needs much better than security ever could. Resiliency speaks to availability, incident response, business continuity and disaster recovery and security all rolled into one. Resiliency is a measure of preparedness against failure - a component of which is security...

Comments  (2)


The Patchwork Cloud: Making the Security Case

May 05, 2012 Added by:Rafal Los

When we think about cloud computing we can think of security as getting a bit of a gentle push, or shove in some cases. The way it is built and billed as services instead of individual components, and the increased emphasis on automation - security has a real chance of not being a roadblock...

Comments  (0)


On the Sustainability of Information Security

April 25, 2012 Added by:Rafal Los

The only way that information security can be a group of outliers is if we're considering ourselves within the entirety of the IT realm. While this would be great for my ego to think that myself and all my peers are just smarter than everyone else in IT, I know this to be false...

Comments  (0)


From Obstacle to Ally - Repositioning the Security Team

March 30, 2012 Added by:Steven Fox, CISSP, QSA

Rarely are non-security staff engaged in risk control discussions – a lack of interaction that disenfranchises those who will interact with the controls. This engenders a sense of powerlessness that leads to passive sabotage of initiatives intended to further the business...

Comments  (0)

Page « < 1 - 2 - 3 > »